Lucene search
K

9 matches found

OSV
OSV
added 2019/12/11 6:16 p.m.16 views

CVE-2019-14317

wolfSSL and wolfCrypt 4.1.0 and earlier formerly known as CyaSSL generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces...

5.3CVSS6.8AI score
Exploits0References1
Cvelist
Cvelist
added 2019/12/11 5:30 p.m.26 views

CVE-2019-14317

wolfSSL and wolfCrypt 4.1.0 and earlier formerly known as CyaSSL generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces...

5.2AI score0.01755EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2019/12/11 5:30 p.m.16 views

CVE-2019-14317

wolfSSL and wolfCrypt 4.1.0 and earlier formerly known as CyaSSL generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces...

5.3CVSS5.3AI score0.01755EPSS
Exploits0
ArchLinux
ArchLinux
added 2019/12/06 12:0 a.m.25 views

[ASA-201912-3] crypto++: private key recovery

Arch Linux Security Advisory ASA-201912-3 ========================================= Severity: High Date : 2019-12-06 CVE-ID : CVE-2019-14318 Package : crypto++ Type : private key recovery Remote : Yes Link : https://security.archlinux.org/AVG-1046 Summary ======= The package crypto++ before versi...

5.9CVSS0.5AI score0.03245EPSS
Exploits1References7
OSV
OSV
added 2019/11/20 1:34 a.m.18 views

GHSA-MR6R-82X4-F4JJ Timing attacks might allow practical recovery of the long-term private key

In elliptic-php versions priot to 1.0.6, Timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions. Leakage of a bit-length of the scalar during scalar multiplication is possible on an elliptic curve whic...

7.4CVSS7.3AI score0.01091EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2019/11/20 1:34 a.m.44 views

Timing attacks might allow practical recovery of the long-term private key

In elliptic-php versions priot to 1.0.6, Timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions. Leakage of a bit-length of the scalar during scalar multiplication is possible on an elliptic curve whic...

7.4CVSS3.9AI score0.01091EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2019/11/18 10:15 p.m.23 views

CVE-2019-10764

In elliptic-php versions priot to 1.0.6, Timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions. Leakage of a bit-length of the scalar during scalar multiplication is possible on an elliptic curve whic...

7.4CVSS7.3AI score0.01091EPSS
Exploits1References2
OSV
OSV
added 2019/11/18 10:15 p.m.12 views

CVE-2019-10764

In elliptic-php versions priot to 1.0.6, Timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions. Leakage of a bit-length of the scalar during scalar multiplication is possible on an elliptic curve whic...

7.4CVSS7.4AI score
Exploits0References2
Cvelist
Cvelist
added 2019/11/18 9:55 p.m.25 views

CVE-2019-10764

In elliptic-php versions priot to 1.0.6, Timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions. Leakage of a bit-length of the scalar during scalar multiplication is possible on an elliptic curve whic...

7.3AI score0.01091EPSS
Exploits1References2
Rows per page
Query Builder